Keeping secrets in JavaScript

With the web slowly maturing as a platform the demand for cryptography in the browser has risen, especially in a post-Snowden era. Many of us have heard about the upcoming Web Cryptography API but at the time of writing there seem to be no good introductions available.

We will take a look at the proposed W3C spec and its current state of implementation, talk about the good parts and the pitfalls to avoid. I will share my vision of a simpler and safer NaCl-inspired API, and hopefully leave you excited about experimenting further with cryptography in the browser.